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DETAILED ACTION 

1 . This is in response to the arguments filed on 02/12/2007. 

2. Claims 1-24 are pending in the application. 

3. Claims 1-24 have been rejected. 

Response to Amendment 

4. The examiner approves the amendments made to claim 21 , and 23. 

Response to Arguments 

5. Applicant's arguments with respect to claims 1 -24 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

6. Claims 1-24 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Williams et al hereafter Williams (patent application 20050257267) in view of Tonelll et 
al hereafter Tonelli (US Patent 6229540). 

7. As per claim 1 , Williams discloses a method comprising: collecting security 
information from the nodes of the enterprise under audit; analyzing the security 
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information and providing a first result of this analysis; and a second result comprising 
security standards applicable to the enterprise under audit and one or more other 
enterprises that together form a relevant peer group, the result indicating the relative 
security of the enterprise under audit relative to that of the peer group of enterprises 
(paragraphs, 0010, 0007). Although, Williams discloses comparing the results 
(paragraphs, 0101), he does not explicitly disclose comparing this first result with a 
second result. Nevertheless, it is well known in the network security art at the time of 
invention that auditing result to be compared with a standard result. Exemplary of this is 
Tonelli who discloses comparing this first result with a second result (col. 4, lines 27-42, 
col. 22, lines 8-19). 

Accordingly, it would been obvious to one of ordinary skill in the network security art at 
the time of invention was made to have incorporated Tonelli's teachings of auditing 
networks with the teachings of Williams, for the purpose of suitably using the auditing 
result to compare with a standard result (col. 4-6). 

8. As per claim 2, Williams discloses the method in the comparing step, the second 
result comprises infomnation derived from industry standards applicable to the relevant 
peer group of enterprises (paragraphs, 0073). 

9. As per claim 3. Williams discloses the method wherein, the second result 
comprises information collecting and analyzing steps to two or more enterprises in the 
relevant peer group s (paragraphs, 0010, 0007). He does not disclose in the comparing 
step, derived from information previously obtained through application. However, Tonelli 
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discloses in the comparing step, derived from information previously obtained tlirough 
application (col. 4, lines 27-42, col. 22, lines 8-1 9). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 3. 

1 0. As per claim 4, Williams discloses the method comprising the step of generating 
at least one report that presents the first and second results (paragraphs, 0010, 0007). 
He does not disclose an-anged in a way that facilitates their comparison. However, 
Tonelli discloses arranged in a way that facilitates their comparison (col. 4, lines 27-42, 
col. 22, lines 8-19). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 4. 

11. As per claim 5, Williams discloses the method wherein the generating step 
includes presenting the first and second results each broken down into several results 
relating to several different areas of security, with a first and a second result presented 
for each different area of security (paragraphs, 0010, 0007). He does not disclose 
arranged in a way that facilitates their comparison. However, Tonelli discloses arranged 
in a way that facilitates their comparison (col. 4, lines 27-42, col. 22, lines 8-19). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 5. 

1 2. As per claim 6, Williams discloses the method wherein, in the generating step, 
the results relating to several different areas of security comprise results arising from 
analysis of personnel security infomnation and physical security information, at least 
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some of the information included in the first result having been gathered using 
interviews during the collecting step (paragraphs, 106, 107). 

1 3. As per claim 7, Williams discloses the method wherein, in the generating step, 
the results relating to several different areas of security comprise results arising from 
analysis of password security infomnation and file access permission security 
information (paragraphs, 0121). 

14. As per claim 8, Williams discloses the method wherein, In the generating step, 
the results relating to several different areas of security further comprise results arising 
from analysis of personnel security infomnation and physical security information, at 
least some of the infomiation included in the first result having been gathered using 
interviews during the collecting step (paragraphs, 106, 107). 

1 5. As per claim 9, Williams discloses the method wherein. In the generating step, 
the several different areas of security comprise one or more results of analysis of node 
configuration security information and one or more results of analysis of security 
information gathered using interviews (paragraphs, 106, 107). 

1 6. As per claim 1 0, Williams discloses the method wherein, in the generating step, 
the one or more results of analysis of node configuration security infomnation comprise 
results arising from analysis of password security infomnation (paragraphs, 0010, 0007). 

1 7. As per claim 1 1 , Williams discloses the method wherein, in the generating step, 
the one or more results of analysis of node configuration security information comprises 
results arising from analysis of file access permission security infomiation (paragraphs, 
0010, 0007). 
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1 8. As per claim 12. Williams discloses the method wherein, the generating step 
generates at least two reports in different fonmats for different requesting parties or 
uses, and in particular one for technical experts that includes technical language and 
details and another for non-technical-experts that substantially excludes technical 
language and details (paragraphs, 0010, 0007). He does not disclose in the 
comparative of two results. However, Tonelli discloses confiparative of two results (col. 
4, lines 27-42, col. 22, lines 8-19). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 12. 

1 9. As per claim 1 3, Williams discloses the method to which is added: generating 
and executing commands to alter the security infomnation of one or more nodes to 
improve system security, in at least some cases when the analysis or comparison or 
both indicate security is in need of improvement (paragraphs, 0010, 0007). 

20. As per claim 14, Williams discloses the method comprising; generating at least 
one report that presents the first and second results (paragraphs, 0010, 0007). He does 
not disclose arranged in a way that facilitates their comparison. However, Tonelli 
discloses arranged in a way that facilitates their comparison (col. 4, lines 27-42, col. 22, 
lines 8-19). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 14. 

21 . As per claim 1 5, Williams discloses the method wherein the generating 
commands step generates commands which force the deactivation or correction of one 
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or more passwords when the analysis or comparison or both indicate that these one or 
more passwords are not sufficiently secure (paragraphs, 0010, 0007). 

22. As per claim 1 6, Williams discloses the method wherein the generating 
commands step generates commands which force alteration of one or more 
configuration file or control file access permissions if the analysis or comparison or both 
indicate that the access permissions assigned to these one or more files do not provide 
adequate system security (paragraphs, 0010, 0007). 

23. As per claim 1 7, Williams discloses a system for auditing the security of an 
enterprise comprising: a plurality of nodes within the enterprise under audit; collectors 
associated with the nodes and arranged to collect from the nodes information 
concerning the security of the enterprise under audit; 

a security analyzer arranged to analyze the information concerning the security of the 
enterprise under audit and to provide a first result of this analysis; a data base 
containing a second result comprising security standards applicable to the enterprise 
under audit and one or more other enterprises that together fonn a relevant peer group; 
to determine the relative security of the enterprise under audit in comparison to that of 
the enterprises in the relevant peer group (paragraphs, 0010, 0007). Although, Williams 
discloses comparing the results (paragraphs, 0101), he does not explicitly disclose 
comparing this first result with a second result. Nevertheless, it is well known in the 
network security art at the time of invention that auditing result to be compared with a 
standard result. Exemplary of this is Tonelli who discloses a comparison mechanism 
arranged to compare the first and second results (col. 4, lines 27-42, col. 22, lines 8-19). 



Application/Control Number 10/706,629 Page 8 

Art Unit: 2136 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 17. 

24. As per claim 18, Williams discloses a system to which is added: a report 
generator that generates at least one report which presents the first and second results 
arranged each broken down into several results relating to several different areas of 
security, with a first and second result presented for each different area of security and 
an-anged in a way (paragraphs, 0010, 0007). He does not disclose arranged in a way 
that facilitates their comparison. However, Tonelli discloses arranged in a way that 
facilitates their comparison (col. 4, lines 27-42, col. 22, lines 8-19). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 18. 

25. As per claim 19, Williams discloses a system to which is added: change agents 
associated with the nodes and able to execute commands that alter node configuration 
information; and a command generator that provides commands to the change agents 
on selected nodes to alter node configuration infomriation to improve system security in 
response to the analyzer or comparison mechanism or both determining security 
improvements are needed (paragraphs, 106, 107). 

26. As per claim 20, Williams discloses a system wherein the command generator 
includes a mechanism that can generate commands which, when executed, cause one 
or more of the change agents to force the deactivation or con-ection of one or more 
secure passwords if the security analyzer or comparison mechanism or both determine 
that one or more passwords are not sufficiently secure (paragraphs, 106, 107). 
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27. As per claim 21 , Williams discloses a system wherein the command generator 
includes ~ a mechanism that can generate commands which, when executed, cause 
one or more of the change agents to force the alteration of the access permissions of 
one or more configuration files or control files if the security analyzer or comparison 
mechanism or both determine that the access permissions assigned to one or more 
such files do not provide sufficient security (paragraphs, 0010, 0007). 

28. As per claim 22, Williams discloses a system for auditing the security of an 
enterprise comprising: a plurality of nodes within an enterprise under audit; collector 
means associated with the nodes for collecting infomiation from the nodes concerning 
the security of the enterprise under audit; 

security analyzer means for analyzing the information concerning the security of the 
enterprise under audit and for providing a first result of this analysis; data base means 
for storing and for presenting a second result comprising security standards applicable 
to the enterprise under audit and one or more other enterprises that together form a 
relevant peer group; determine the relative security of the enterprise under audit in 
comparison to that of the enterprises in the relevant peer group (paragraphs, 0010, 
0007). Although, Williams discloses comparing the results (paragraphs, 0101), he does 
not explicitly disclose comparing this first result with a second result. Nevertheless, it is 
well known in the network security art at the time of invention that auditing result to be 
compared with a standard result. Exemplary of this is Tonelli who discloses comparison 
means for comparing the first and second results (col. 4, lines 27-42, col. 22, lines 8- 
19). 
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The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 22. 

29. As per claim 23, Williams discloses a system to which is added report generation 
means for generating at least one report which presents the first and second results 
each broken down into several results relating to several different areas of security, with 
a first and second result presented for each different area of security (paragraphs, 0010, 
0007). He does not disclose an-anged in a way that facilitates their comparison. 
However, Tonelli discloses arranged in a way that facilitates their comparison (col. 4, 
lines 27-42, col. 22, lines 8-1 9). 

The same motivation that was utilized in the combination of claim 1 applies equally as 
well to claim 23. 

30. As per claim 24, Williams discloses a system to which is added change agent 
means associated with the nodes for executing commands that alter node configuration 
information; and 

command generator means for providing commands to the change agent means on 
selected nodes as needed to alter system configuration information to improve system 
security in response to the security analyzer means or the comparison means or both 
detemnining that security improvements are needed (paragraphs, 0010, 0007). 



Conclusion 
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25. Any inquiry concerning this communication or earlier communications from tine 
examiner should be directed to Mohammad w. Reza whose telephone number is 571- 

272- 6590. The examiner can normally be reached on M-F (9:00-5:00). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, MOAZZAMI NASSER G can be reached on (571)272-4195. The fax phone 
number for the organization where this application or proceeding is assigned Is 571- 

273- 8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Infomiation Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
infonnation for unpublished applications is available through Private PAIR only. For 
more infonnation about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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